Search Results (365291 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0944 1 Microsoft 1 Jet 2026-04-16 N/A
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
CVE-2005-0946 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
CVE-2005-0950 1 Faststone 1 4in1 Browser 2026-04-16 N/A
Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
CVE-2005-0952 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2005-0953 2 Bzip, Redhat 2 Bzip2, Enterprise Linux 2026-04-16 N/A
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
CVE-2005-0954 1 Microsoft 3 Internet Explorer, Windows Explorer, Windows Xp 2026-04-16 N/A
Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file.
CVE-2005-0955 1 Interakt 1 Mx Shop 2026-04-16 N/A
SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id_ctg parameter.
CVE-2005-0956 1 Interakt 1 Mx Kart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in InterAKT MX Kart 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_man parameter.
CVE-1999-0482 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD kernel crash through TSS handling, as caused by the crashme program.
CVE-1999-1483 1 Svgalib 1 Svgalib 2026-04-16 N/A
Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2005-0958 1 Yepyep 1 Mtftpd 2026-04-16 N/A
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.
CVE-2005-3725 1 Zyxel 1 Prestige 2000w V.1voip Wi-fi Phone 2026-04-16 N/A
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE.
CVE-2005-0959 1 Yepyep 1 Mtftpd 2026-04-16 N/A
Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path.
CVE-2005-3727 1 Revize Cms 1 Revize Cms 2026-04-16 N/A
SQL injection vulnerability in debug/query_results.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter.
CVE-2005-0961 1 Horde 1 Application Framework 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title.
CVE-2005-0962 1 Lighthouse Development 1 Squirrelcart 2026-04-16 N/A
SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action.
CVE-2005-3736 1 Coastal Data Management 1 E-quick Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp.
CVE-2005-0963 1 Toshiba 1 Acpi Flash Bios 2026-04-16 N/A
An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges.
CVE-2005-0966 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
CVE-2005-0970 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.